<?php

// Start Session
session_start();
require_once('Authorizer.php');
require_once('DBConfigQuery.php');
require_once('GenFunctions.php');
require_once('../config.inc.php');
require_once('../Validation.php');


if (isset($_POST['EditCreateEvent'])) {
    $_SESSION['FORMS']['FormCreateEvent'] = $_POST;
    session_write_close();
    header('Location: AdminEventCreate.php');
    exit();
}

// TODO VALIDATE THE INFO BEFORE THIS SCRIPT...
//Array to store validation errors
$errmsg_arr = array();

//Validation error flag
$errflag = FALSE;

// TODO VALIDATE THE INFO BASED ON VALIDATION.PHP/Validation Functions
//Sanitize the POST values
$etitle = clean($_POST['etitle'], $dbc);
$espkrname = clean($_POST['espkrname'], $dbc);
$espkrinfo = clean($_POST['espkrinfo'], $dbc);

$edate = clean($_POST['edate'], $dbc);
$etime = clean($_POST['etime'], $dbc);

$evenuename = clean($_POST['evenuename'], $dbc);
$evenueinfo = clean($_POST['evenueinfo'], $dbc);

$etype = clean($_POST['etype'], $dbc);
$estatus = clean($_POST['estatus'], $dbc);

$efeemem = clean($_POST['efeemem'], $dbc);
$efeeguest = clean($_POST['efeeguest'], $dbc);

$edescription = rtrim(ltrim(clean($_POST['edescription'], $dbc)));


//If Input Errors, Redirect EventCreatePage
if ($errflag) {
    $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
    $_SESSION['FORMS']['FormCreateEvent'] = $_POST;
    session_write_close();
    header('Location: AdminEventCreate.php');
    exit();
}

// Insert the information
$arrayEDate = explode("/", $edate); // [0]: Month, [1]: Day . [2]: Year
$sqlDateEDate = $arrayEDate[2] . '-' . $arrayEDate[0] . '-' . $arrayEDate[1];

if (strcasecmp($estatus, 'U') == 0 || strcasecmp($estatus, 'B') == 0 )
{
    // Clear other events since this one is going to be the Upcoming/Blocked
    // which could only be one in the DB
    mysqli_query($dbc,$U_None_None_EventStatus) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));
}


$q = sprintf($I_ALL_Events, $sqlDateEDate, $etitle, $espkrname, $espkrinfo, $etime,
                            $evenuename, $evenueinfo, $etype, $estatus,
                            $efeemem, $efeeguest, $edescription);
$r = mysqli_query($dbc, $q) or trigger_error("Query: $q\n<br />MySQL Error: " . mysqli_error($dbc));

//Check whether the query was successful or not
if ($r) {
    $idEvent = mysqli_insert_id($dbc);
    mysqli_close($dbc);

    if(isset ($_SESSION['FORMS']['ImgUploadEvents']['idImage']))
    {
        if(!copy('..' . UPLOADS_TEMP_DIR . $_SESSION['FORMS']['ImgUploadEvents']['idImage'],
                          '..' . UPLOADS_IMGEVENTS_DIR . $idEvent . "." . getFileExtension($_SESSION['FORMS']['ImgUploadEvents']['idImage'])))
        {
            $errmsg_arr[] = 'There was an error Uploading the picture. Please try again';
            $_SESSION['ERRMSG_ARR'] = $errmsg_arr;
        }

        deleteAllFilesDirectory('..' . UPLOADS_TEMP_DIR);
        unset($_SESSION['FORMS']['ImgUploadEvents']);
    }


    session_write_close();
    header("Location: AdminEventCreateSuccess.php");
    exit();
} else {
    // Free DB
    mysqli_close($dbc);
    die("Query failed");
}
?>